Microsoft lies to your face about browser security

Microsoft’s Head of Security and Privacy in the UK has told TechRadar that people who jump ship from Internet Explorer after the recent spate of bad headlines risk ending up on a less secure browser. With France and Germany both advising a move away from Internet Explorer, things are far from rosy for Microsoft’s browser […yet] Microsoft’s UK security chief Cliff Evans insists that a non-Microsoft browser is the worse option. “The net effect of switching [from IE] is that you will end up on less secure browser,” insisted Evans. “The risk [over this specific] exploit is minimal compared to Firefox or other competing browsers… you will be opening yourself up to security issues.

My recommendation if you use Windows: make sure the version of IE that’s installed (because you can’t uninstall it!) is the latest/least vulnerable (IE8) and then install at least one of the non-IE browsers listed (personally I always recommend Firefox :) and then use THAT. Of course, you could always switch to a Mac or Linux…

11 Responses to “Microsoft lies to your face about browser security”

Those stats look pretty bad. The large number of unpatched vulnerabilities in IE aren’t nearly as critical as the recent one, but would have to say that the other browsers patching the less critical issues demonstrates a better commitment to security. Microsoft just don’t seem to care.

MS tend to point to weaknesses in other browsers. Sure sometimes they do exist. But there are different reasons they will not be so easy to exploit.

But all that is not really important for people not involved in making browsers secure. For most people that are deciding which browser to use it is only the likelihood of an attack that matters. And that is best predicted by the relative numbers of attacks in the past and their impact, not by some philosophic approach about security and weaknesses.

Microsoft’s past actions have screamed so loudly I can no longer hear what Microsoft’s Head of Security and Privacy is saying. They have created a history of saying one thing and intentionally doing another.

Re Dirk above:
Concern about attacks against a secure browser: 0.0%
Concern about attacks against an insecure browser: 100.0%
Every machine connected to the internet gets attacked regularly.
If you are running insecure software, your machine is
probably already compromised.

I think Government not merely should warn about IE, they should also outlaw bundling. It is grossly unfair and unreasonable that computer buyers are forced to pay a what amounts to a tax to a foreign corporation, just in order to buy a pc. And it is iniquitous that one still has to pay Windows Tax regardless of whether or not one wants to use said corporation’s rotten products. I’m actually preparing a formal complaint to the OFT & the EU Commission. Still have lots of work to do but this is the progress so far:-http://www.garfnet.org.uk/joomla/index.php?option=com_content&view=category&id=74&Itemid=331

On the bright side, I think I sussed out a really simple way of working out if your computer is at risk of infection from worms, trojans, viruses, keyloggers, WGA & other spyware, adware, nagware and all those other nasties.

Open your file manager and search for a folder called System32! If you have one then you probably already been infected. lol :-)

Seriously mate, thanks for the article. Keep up the good work and feel free to contact me if I can be of any assistance.